Possible new virus/malware? slui.exe in %Userprofile%\AppData\Roaming

Hi,
I would like to start a discussion for one strange problem that I encountered in my company. Four Notebooks with Windows 7 x64 Enterprise SP1 versions all of a sudden after 1-2-3 hours period cannot open any webpage through any browser (IE, FF, Chrome) but everything is pingable via command prompt. We made sure that it is not a DNS problem, whole network is functioning properly.
After one colleague called me because of the problem described above I started to dig through the active processes that were running in that moment and slui.exe caught my attention because it was unusual for me to see that process even running. The process itself is very small, only 54k. And starting folder is located in userprofile\AppData\Roaming\DNCache folder, in there are a couple of files (see picture below). That is not a location for slui.exe in my humble opinion, slui.exe resides in System32 folder.
You cannot delete the folder because it is being used, even with file unlocker it won't let you delete it. I went to SAFE mode and deleted it. Also in safe mode run msconfig and clear out any files that have "Unknown" manufacturer and start with d..something, sorry cannot remember the correct name, but are the same as in DNCache folder. Our company uses Microsoft Forefront for protection. I am now waiting to see if I have solved the issue.
Could that be some kind of a virus/malware?
Thanks,

Hi,
Based on my research, “suli.exe” has not been recorded into MS data. It may not be a virus.
Best Regards
Quan Gu
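
The original post's key observation, a process named slui.exe running from under AppData\Roaming instead of System32, can be turned into a repeatable check. The following is an added example, not part of the thread: it assumes a process listing exported as CSV with the columns ProcessId, Name and ExecutablePath, a system root of C:\Windows, and a watch list in which only slui.exe comes from the post; the sample rows and the account name are constructed.

```python
import csv
import io
import ntpath  # Windows path rules, usable on any analysis host

# Names of Windows system binaries that are expected to run only from the
# system directories. slui.exe is the name from the post; the other entries
# are assumptions added for illustration.
WATCHED_NAMES = {"slui.exe", "svchost.exe", "lsass.exe", "services.exe"}

# Constructed sample listing (not real data). The DNCache path mirrors the
# location described in the post.
SAMPLE_LISTING = r"""ProcessId,Name,ExecutablePath
612,lsass.exe,C:\Windows\System32\lsass.exe
980,svchost.exe,C:\Windows\system32\svchost.exe
3344,slui.exe,C:\Users\example\AppData\Roaming\DNCache\slui.exe
4120,SLUI.EXE,C:/Windows/System32/../System32/slui.exe
4500,services.exe,
5012,chrome.exe,C:\Users\example\AppData\Local\Google\Chrome\Application\chrome.exe
"""


def find_masquerades(listing_csv, system_root=r"C:\Windows"):
    """Return findings for watched names that run outside the system dirs.

    SysWOW64 is accepted alongside System32 because 64-bit Windows keeps
    32-bit copies of some system binaries there.
    """
    allowed = {
        ntpath.normcase(ntpath.join(system_root, sub))
        for sub in ("System32", "SysWOW64")
    }
    findings = []
    for row in csv.DictReader(io.StringIO(listing_csv)):
        name = (row.get("Name") or "").strip().lower()
        path = (row.get("ExecutablePath") or "").strip()
        if name not in WATCHED_NAMES:
            continue
        if not path:
            # The path can be empty when the listing was taken without
            # sufficient rights; report it for a re-check, not as a hit.
            reason = "path-unavailable"
        else:
            # normpath collapses ".." and mixed slashes, normcase lowercases,
            # so "C:/Windows/system32/../System32" compares correctly.
            folder = ntpath.normcase(ntpath.dirname(ntpath.normpath(path)))
            if folder in allowed:
                continue
            reason = "unexpected-directory"
        findings.append({
            "pid": (row.get("ProcessId") or "").strip(),
            "name": name,
            "path": path,
            "reason": reason,
        })
    return findings


if __name__ == "__main__":
    for finding in find_masquerades(SAMPLE_LISTING):
        print("{pid:>6}  {name:<14} {reason:<22} {path}".format(**finding))
```

A hit from this check is a lead for triage (file hash, signature, autostart entries), not a verdict on its own.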

Similar Messages

  • PDF Virus/Malware "Peachy"

    Does anyone know what this new virus/malware does to your computer or how to tell if you have been infected? I have installed the security update but I download a lot of PDF files from the internet and want to find out if I may have already been infected.

    I'm running OSX 10.4.11 on one machine and 10.5.4 on another. I have Acrobat Pro 8.1.2 on both. I just updated one computer with 8.1.3 and will update the other tonight.
    I can't seem to find a lot of info on this subject. Looks like there are more PDF viruses than just Peachy circulating.
    I have not seen any pdf files with an attachment.

  • Folder %USERPROFILE%\Appdata\local\Microsoft\Windows\caches created everywhere

    Everywhere in all folders that I access a new (empty) folder is created called:
    %USERPROFILE%\Appdata\local\Microsoft\Windows\caches
    Apparently some application/service is not able to resolve %USERPROFILE%. Which application is it and what is the cause?

    Hi,
    Could you please share more information with me? I don't quite understand this issue
    "Everywhere in all folders that I access a new (empty) folder is created called:
    %USERPROFILE%\Appdata\local\Microsoft\Windows\caches"
    Or you can share some screenshots with us.
    What is the result if you manually delete it?
    Regards
    Yolanda
    TechNet Community Support

  • Firefox 4 crashes after windows recovery virus /malware infection

    Hello My computer was infected by the "windows recovery" virus/malware when running Firefox 4 with administrator right user. I could get rid of the virus/malware using antivirus and antimalware sw (superantispyware, antimalwarebytes, spybot and avast). Currently, no viruses or malwares are reported on my system. Still, when starting firefox.exe, the error message "firefox has encountered a problem and needs to close" is triggered and, although firefox starts and runs OK, it will close whenever a send/don't send option is taken on the error message. If I rename the Firefox.exe program into another name, Firefox runs OK and the error message is not triggered.
    I have had superantispyware support run an analysis tool on my system and their feedback was that the infection, if any, can only be viral. I had AVAST run in F8 safe mode and no viruses are reported any longer after disinfection of the system where a couple of exes created by the malware were found/deleted. I tried uninstall/reinstall Firefox 4 and 3, but the problem remains. Also, I have looked for a crash report in the documents and settings folder but found none. Last, I also tried to start firefox.exe in safe mode but it will not start (it will well start if I rename firefox.exe into another name).
    Thanks beforehand if you can suggest something to solve this .
    Best regards Pierre W

    Does it help if you create a new profile or uninstall and reinstall Firefox?
    If you reinstall Firefox then be sure to remove the Firefox program folder to remove possibly left over files in it.
    You can try to create a new profile as a test to check if your current profile is causing the problems.
    See "Basic Troubleshooting: Make a new profile":
    *https://support.mozilla.org/kb/Basic+Troubleshooting#w_8-make-a-new-profile
    There may be extensions and plugins installed by default in a new profile, so check that in "Tools > Add-ons > Extensions & Plugins" in case there are still problems.
    If the new profile works then you can transfer some files from the old profile to that new profile, but be careful not to copy corrupted files.
    See:
    *http://kb.mozillazine.org/Transferring_data_to_a_new_profile_-_Firefox
    See also:
    *http://kb.mozillazine.org/Firefox_crashes
    *https://support.mozilla.org/kb/Firefox+crashes

  • Question on the new virus attack warning on the Mac

    Hi everybody,
    Just wondering if anyone is getting worried about the new virus attacks that are predicted on their way at the Mac according to media sources. I have Firewall on and also Stealth Mode enabled but I'm worried now if that's enough. I've looked at ClamX but that seems like it can cause other problems. MacScan seems to be good software for a decent price. Any ideas from anyone will be appreciated.
    Rich

    No viruses that can attack OS X have so far been detected 'in the wild', i.e. in anything other than laboratory conditions.
    It is possible, however, to pass on a Windows virus to another Windows user, for example through an email attachment. To prevent this all you need is the free anti-virus utility ClamXav, which you can download from:
    http://www.clamxav.com/
    However, the appearance of Trojans and other malware that can possibly infect a Mac seems to be growing, but is a completely different issue to viruses.
    If you allow a Trojan to be installed, the user's DNS records can be modified, redirecting incoming internet traffic through the attacker's servers, where it can be hijacked and injected with malicious websites and pornographic advertisements. The trojan also installs a watchdog process that ensures the victim's (that's you!) DNS records stay modified on a minute-by-minute basis.
    You can read more about how, for example, the OSX/DNSChanger Trojan works here:
    http://www.f-secure.com/v-descs/trojanosxdnschanger.shtml
    SecureMac has introduced a free Trojan Detection Tool for Mac OS X. It's available here:
    http://macscan.securemac.com/
    The DNSChanger Removal Tool detects and removes spyware targeting Mac OS X and allows users to check to see if the trojan has been installed on their computer; if it has, the software helps to identify and remove the offending file. After a system reboot, the users' DNS records will be repaired.
    (Note that a 30 day trial version of MacScan can be downloaded free of charge from:
    http://macscan.securemac.com/buy/
    and this can perform a complete scan of your entire hard disk. After 30 days the cost is $29.99. The full version permits you to scan selected files and folders only, as well as the entire hard disk. It will detect (and delete if you ask it to) all 'tracker cookies' that switch you to web sites you did not want to go to.)
    A white paper has recently been published on the subject of Trojans by SubRosaSoft, available here:
    http://www.macforensicslab.com/ProductsAndServices/index.php?mainpage=document_general_info&cPath=11&productsid=174
    Also, beware of MacSweeper:
    MacSweeper is malware that misleads users by exaggerating reports about spyware, adware or viruses on their computer. It is the first known "rogue" application for the Mac OS X operating system. The software was discovered by F-Secure, a Finland based computer security software company on January 17, 2008
    http://en.wikipedia.org/wiki/MacSweeper
    On June 23, 2008 this news reached Mac users:
    http://www.theregister.co.uk/2008/06/23/mac_trojan/
    More information on Mac security can be found here:
    http://macscan.securemac.com/
    The MacScan application can be downloaded from here:
    http://macscan.securemac.com/buy/
    You can download a 30 day trial copy which enables you to do a full scan of your hard disk. After that it costs $29.95.
    More on Trojans on the Mac here:
    http://www.technewsworld.com/story/63574.html?welcome=1214487119
    This was published on July 25, 2008:
    Attack code that exploits flaws in the net's addressing system are starting to circulate online, say security experts.
    The code could be a boon to phishing gangs who redirect web users to fake bank sites and steal login details.
    In light of the news net firms are being urged to apply a fix for the loop-hole before attacks by hi-tech criminals become widespread.
    Net security groups say there is anecdotal evidence that small scale attacks are already happening.
    Further details here: http://news.bbc.co.uk/2/hi/technology/7525206.stm
    A further development was the Koobface malware that can be picked up from Facebook (already a notorious site for malware, like many other 'social networking' sites), as reported here on December 9, 2008:
    http://news.bbc.co.uk/newsbeat/hi/technology/newsid_7773000/7773340.stm
    You can keep up to date, particularly about malware present in some downloadable pirated software, at the Securemac site:
    http://www.securemac.com/
    There may be other ways of guarding against Trojans, viruses and general malware affecting the Mac, and alternatives will probably appear in the future. In the meantime the advice is: be careful where you go on the web and what you download!
    As to the current 'Conficker furore' affecting Intel-powered computers, MacWorld recently had this to say:
    http://www.macworld.co.uk/news/index.cfm?email&NewsID=25613
    Although any content that you download has the possibility of containing malicious software, practising a bit of care will generally keep you free from the consequences of anything like the DNSChanger trojan.
    1. Avoid going to suspect and untrusted Web sites, especially *********** sites.
    2. Check out what you are downloading. Mac OS X asks you for your administrator password to install applications for a reason! Only download media and applications from well-known and trusted Web sites. If you think you may have downloaded suspicious files, read the installer packages and make sure they are legit. If you cannot determine if the program you downloaded is infected, do a quick Internet search and see if any other users reported issues after installing a particular program.
    3. Use an antivirus program like ClamXav. If you are in the habit of downloading a lot of media and other files, it may be well worth your while to run those files through an AV application.
    4. Use Mac OS X's built-in Firewalls and other security features.
    5. Stop using LimeWire. LimeWire (and other peer-to-peer sharing applications) are hotbeds of potential software issues waiting to happen to your Mac. Everything from changing permissions to downloading trojans and other malicious software can be acquired from using these applications.
    6. Resist the temptation to download pirated software. After the release of iWork '09 earlier this year, a Trojan was discovered circulating in pirated copies of Apple's productivity suite of applications (as well as pirated copies of Adobe's Photoshop CS4). Security professionals now believe that the botnet (from iServices) has become active. Although the potential damage range is projected to be minimal, an estimated 20,000 copies of the Trojan have been downloaded.

  • Do I have a virus/malware problem? Idiot needs help

    Hello, Received an email from 'Royal Mail Global' saying that they had failed in delivering a package and to open the attached '.zip' file. Without thinking, I opened the file- it didn't launch anything. I realise this is incredibly stupid and I am mortified. However, I am now concerned that I have a virus, malware, etc. As I am a computer idiot: how do I check if a virus is on the system or a malware programme is stealing all my details? People say "you'll be ok, Macs don't get viruses" but how do you know? I have encountered no issues, as yet.... I run OS X and have a mac mini. Please help- will be eternally grateful. Thank you in advance

    MacHagan wrote:
    Hello, Received an email from 'Royal Mail Global' saying that they had failed in delivering a package and to open the attached '.zip' file. Without thinking, I opened the file- it didn't launch anything.
    First of all, your Lion OS would have notified you if that was anything currently known to be dangerous. If it was malware it was almost certainly designed for Windows and of no consequence to OS X. If you are certain that the email is spam/junk/hoax then use the delete button in your e-mail client to get rid of it. Check the trash folder and delete it from there, if necessary. If this is a Gmail account, let me know as there may be one more step.
    When you say you opened the file, I assume you used an open button or double-clicked the attachment symbol? And then it didn't launch anything, but it should have launched the Archive Utility to unzip the attachment. Did that not happen? Did you see anything after you "opened it"?
    Even if it was unzipped, sitting in an attachment folder somewhere and is malware, it won't do anything at all until you attempt to open it. And as I said previously, it's almost certainly for Windows users, anyway.
    If you followed the suggestion to use ClamXav (or any other A-V software), there are some special considerations regarding e-mail. Here are my standard cautions:
    Never use ClamXav (or any other A-V software) to move (quarantine) or delete e-mail. It will corrupt the mailbox index which could cause loss of other e-mail and other issues with functions such as searching. It may also leave the original e-mail on your ISP's e-mail server and will be re-downloaded to your hard drive the next time you check for new mail.
    So, if you choose to "Scan e-mail content for malware and phishing" in the General Preferences, make sure you do not elect to either Quarantine or Delete infected files.
    When possibly infected e-mail files are found:
    Right-click/Control-click on either the infection or file name in the ClamXav window.
    Select "Reveal In Finder" from the pop-up menu.
    When the window opens, double-click on the file to open the message in your e-mail client application.
    Read the message and if you agree that it is junk/spam/phishing then use the e-mail client's delete button to delete it (this is especially important when the word "Heuristics" appears in the infection name).
    If you disagree and choose to retain the message, return to ClamXav and choose "Exclude From Future Scans" from the pop-up menu.
    If this is a g-mail account and those messages continue to show up after you have deleted them in the above manner, you may need to log in to webmail using your browser, go to the "All Mail" folder, find the message(s) and use the delete button there to permanently delete them from the server.
    For instructions on how to handle any infections that do not involve e-mail, use the Help menu or go directly to this link Dealing with Infected Files.

  • How to find out if your Mac has the new Virus ?

    How to find out if your Mac has the new Virus, and how to fix it ???

    Helpful Links Regarding Flashback Trojan
    A link to a great User Tip about the trojan: Flashback Trojan User Tip
    A related link in the tip to a checker: Malware Checker Download Link
    A Google search can reveal a variety of alternatives on how to remove the trojan should your computer get infected. This can get you started.
    For now I recommend the User Tip from etressoft to detect and remove:
    Checking for and removing the "Flashback" trojan
    Kaspersky Flashback Trojan Site:Flashback Trojan Detection and Removal
    Also see Apple's article About Flashback malware.

  • Browser Virus Malware Adware etc.  HELP!

    I have been trying for 3 days to kick this absurd problem off of my Macbook Pro.  It feels like I have a virus/malware/adware situation that is making me feel like I'm back on a PC (UGHHHHH).
    BEFORE THE PROBLEM:
    I kept getting "scratchdisk" or "startup disk" is full notices so I could not download the new OS
    I started searching the web for solutions
    I started removing all unneeded files
    I used Clean My Mac to remove unwanted/unneeded files
    I downloaded OS X 10.9.5
    THE PROBLEM:
    The following things occur when I attempt to use any of the 3 browsers: Google Chrome, Safari, Firefox:
    pop up windows appear ALL over the place
    Pop up windows block my ability to use the intended web page
    tabs automatically open for Wix, Mackeeper, Credit Check websites etc.  (It's infuriating!)
    Sites I am attempting to use fail to respond
    ACTIONS TAKEN:
    run Clean My Mac (nada)
    delete all cookies (nada)
    trash or uninstall any/all unknown apps/programs
    uninstall Google Chrome
    uninstall Firefox
    reset Safari
    some terminal exercise from an Apple forum (did...nada)
    RESOLVE:
    NOTHING seems to be working...I'm about to launch my computer out the window... HELP!?

    There is no need to download anything to solve this problem.
    A.
    You may have installed the "VSearch" trojan. Remove it as follows.
    Malware is always changing to get around the defenses against it. These instructions are valid as of now, as far as I know. They won't necessarily be valid in the future. Anyone finding this comment a few days or more after it was posted should look for more recent discussions or start a new one.
    Back up all data before proceeding.
    Step 1
    From the Safari menu bar, select
              Safari ▹ Preferences... ▹ Extensions
    Uninstall any extensions you don't know you need, including any that have the word "Spigot," "Trovi," or "Conduit" in the description. If in doubt, uninstall all extensions. Do the equivalent for the Firefox and Chrome browsers, if you use either of those.
    Reset the home page and default search engine in all the browsers, if it was changed.
    Step 2
    Triple-click anywhere in the line below on this page to select it:
    /Library/LaunchAgents/com.vsearch.agent.plist
    Right-click or control-click the line and select
              Services ▹ Reveal in Finder (or just Reveal)
    from the contextual menu.* A folder should open with an item named "com.vsearch.agent.plist" selected. Drag the selected item to the Trash. You may be prompted for your administrator login password.
    Repeat with each of these lines:
    /Library/LaunchDaemons/com.vsearch.daemon.plist
    /Library/LaunchDaemons/com.vsearch.helper.plist
    /Library/LaunchDaemons/Jack.plist
    Restart the computer and empty the Trash. Then delete the following items in the same way:
    /Library/Application Support/VSearch
    /Library/PrivilegedHelperTools/Jack
    /System/Library/Frameworks/VSearch.framework
    ~/Library/Internet Plug-Ins/ConduitNPAPIPlugin.plugin
    Some of these items may be absent, in which case you'll get a message that the file can't be found. Skip that item and go on to the next one.
    The problem may have started when you downloaded and ran an application called "MPlayerX." That's the name of a legitimate free movie player, but the name is also used fraudulently to distribute VSearch. If there is an item with that name in the Applications folder, delete it, and if you wish, replace it with the genuine article from mplayerx.org.
    This trojan is often found on illegal websites that traffic in pirated content such as movies. If you, or anyone else who uses the computer, visit such sites and follow prompts to install software, you can expect more of the same, and worse, to follow.
    You may be wondering why you didn't get a warning from Gatekeeper about installing software from an unknown developer, as you should have. The reason is that the Internet criminal behind VSearch has a codesigning certificate issued by Apple, which causes Gatekeeper to give the installer a pass. Apple could revoke the certificate, but as of this writing has not done so, even though it's aware of the problem. This failure of oversight has compromised both Gatekeeper and the Developer ID program. You can't rely on Gatekeeper alone to protect you from harmful software.
    *If you don't see the contextual menu item, copy the selected text to the Clipboard by pressing the key combination  command-C. In the Finder, select
              Go ▹ Go to Folder...
    from the menu bar and paste into the box that opens by pressing command-V. You won't see what you pasted because a line break is included. Press return.
    B.
    Remove "MacKeeper" as follows. First, back up all data.
    "MacKeeper" is a scam with only one useful feature: it deletes itself.
    Note: These instructions apply to the version of the product that I downloaded and tested in early 2012. I can't be sure that they apply to other versions.
    If you have incompletely removed MacKeeper—for example, by dragging the application to the Trash and immediately emptying—then you'll have to reinstall it and start over.
    IMPORTANT: "MacKeeper" has what the developer calls an “encryption” feature. In my tests, I didn't try to verify what this feature really does. If you used it to “encrypt” any of your files, “decrypt” them before you uninstall, or (preferably) restore the files from backups made before they were “encrypted.” As the developer is not trustworthy, you should assume that the "decrypted" files are corrupt unless proven otherwise.
    In the Finder, select
              Go ▹ Applications
    from the menu bar, or press the key combination shift-command-A. The "MacKeeper" application is in the folder that opens. Quit it if it's running, then drag it to the Trash. You'll be prompted for your login password. Click the Uninstall MacKeeper button in the dialog that appears. All the other functional components of the software will be deleted. Restart the computer and empty the Trash.
    ☞ Quit MacKeeper before dragging it to the Trash.
    ☞ Let MacKeeper delete its other components before you empty the Trash.
    ☞ Don't try to drag the MacKeeper Dock icon to the Trash.

  • My new virus program loaded into internet explorer, how do I get on my Mozilla too?

    I have Explorer and Mozilla on my computer.
    When I loaded a new virus program it went to the explorer
    and not Mozilla.
    I use Mozilla and only use Explorer as a back up if Mozilla is down.
    If I can not have the virus program on both how do I move it to Mozilla. It is on the explorer program now.

    The post where I found the links is from Thursday, June 30, 2011. The links were attached to the word '''Flint''' in first paragraph, the name '''Elizabeth''' in the last paragraph and also the word '''surprise''' in the last paragraph.
    Earlier, I only noticed the word surprise in a different line was highlighted. I went into blog edit and removed and replaced the word with something else when I couldn't get rid of the link. When I went back to view the blog these other words were highlighted.
    Is it possible this is only visible on my computer??

  • AFP Virus / Malware - Your browser has been locked

    Hi
    I'm still reasonably new to Macs and have a Virus / Malware I think.
    It says AFP (Australian Federal Police) have locked your browser, etc
    google says its bogus.
    How do I remove it?
    I can't shut down that TAB/Safari window.
    Please Help

    Hi,
    I guess it's from a Torrent then, but lesson learnt now.
    So if no Virus, then it's Malware??
    I'm running ClamXav right now to check - will that help or remove it?
    I'll start reading those pages now and I've added that Ad Block, thank you very much for the help.
    EDIT: I just did this, from another thread here that RE: FBI Malware
    To prevent the loop from running and exiting the page
    Disable Javascript.
    Hit back in Safari.
    Enable Javascript.
    Reset History and Top Sites as a precaution.
    This resolved the problem, but I'm staying clear of torrents forever!!!
    Freaky stuff

  • Virus Malware Malicious content protection software?

    Is it true that I will not need to have active virus/malware/malicious content protection on my Mac? Should I, or don't bother?

    1. This comment applies to malicious software ("malware") that's installed unwittingly by the victim of a network attack. It does not apply to software, such as keystroke loggers, that may be installed deliberately by an intruder who has hands-on access to the victim's computer. That threat is in a different category, and there's no easy way to defend against it. If you have reason to suspect that you're the target of such an attack, you need expert help.
    2. All versions of OS X since 10.6.7 have been able to detect known Mac malware in downloaded files, and to block insecure web plugins. This feature is transparent to the user, but internally Apple calls it "XProtect." The malware recognition database is automatically updated once a day; however, you shouldn't rely on it, because the attackers are always at least a day ahead of the defenders.
    The following caveats apply to XProtect:
    It can be bypassed by some third-party networking software, such as BitTorrent clients and Java applets (see below.)
    It only applies to software downloaded from the network. Software installed from a CD or other media is not checked.
    3. Starting with OS X 10.7.5, there has been another layer of built-in malware protection, designated "Gatekeeper" by Apple. By default, applications and Installer packages downloaded from the network will only run if they're digitally signed by a developer with a certificate issued by Apple. Software certified in this way hasn't actually been tested by Apple (unless it comes from the Mac App Store), but you can be reasonably sure that it hasn't been modified by anyone other than the developer. His identity is known to Apple, so he could be held legally responsible if he distributed malware. For most practical purposes, applications recognized by Gatekeeper as signed can be considered safe.
    Gatekeeper has, however, the same limitations as XProtect, and in addition the following:
    It can easily be disabled or overridden by the user.
    A malware attacker could get control of a code-signing certificate under false pretenses, or could find some other way to evade Apple's controls.
    For more information about Gatekeeper, see this Apple Support article.
    4. Beyond XProtect and Gatekeeper, there’s no benefit, in most cases, from any other automated protection against malware. The first and best line of defense is always your own intelligence. All known malware circulating on the Internet that affects a fully-updated installation of OS X 10.6 or later takes the form of so-called "trojan horses," which can only have an effect if the victim is duped into running them. The threat therefore amounts to a battle of wits between you and the malware attacker. If you're smarter than he thinks you are, you'll win.
    That means, in practice, that you never use software that comes from an untrustworthy source. How do you know whether a source is trustworthy?
    Any website that prompts you to install a “codec,” “plug-in,” "player," "archive extractor," or “certificate” that comes from that same site, or an unknown one, is untrustworthy.
    A web operator who tells you that you have a “virus,” or that anything else is wrong with your computer, or that you have won a prize in a contest you never entered, is trying to commit a crime with you as the victim. (Some reputable websites did legitimately warn users who were infected with the "DNSChanger" malware. That exception to this rule no longer applies.)
    Pirated copies or "cracks" of commercial software, no matter where they come from, are unsafe.
    Software of any kind downloaded from a BitTorrent or from a Usenet binary newsgroup is unsafe.
    Software with a corporate brand, such as Adobe Flash Player, must be downloaded directly from the developer’s website. If it comes from any other source, it's unsafe.
    5. Java on the Web (not to be confused with JavaScript, to which it's not related, despite the similarity of the names) is a weak point in the security of any system. Java is, among other things, a platform for running complex applications in a web page, on the client. That was never a good idea, and Java's developers have had a lot of trouble implementing it without also creating a portal for malware to enter. Past Java exploits are the closest thing there has ever been to a Windows-style "virus" affecting OS X. Merely loading a page with malicious Java content could be harmful. Fortunately, Java on the Web is mostly extinct. Only a few outmoded sites still use it. Try to hasten the process of extinction by avoiding those sites, if you have a choice.
    Java is not included in OS X 10.7 and later. A separate Java installer is distributed by Apple, and another one by Oracle (the developer of Java.) Don't use either one unless you need it. Most people don't. If Java is installed, disable it — not JavaScript — in your browsers. In Safari, this is done by unchecking the box marked Enable Java in the Security tab of the preferences dialog.
    Regardless of version, experience has shown that Java on the Web can't be trusted. If you must use a Java applet for a specific task, enable Java only when needed for the task and disable it immediately when done. Close all other browser windows and tabs, and don't visit any other sites while Java is active. Never enable any version of Java on a public web page that carries third-party advertising. Use it, if at all, only on well-known, password-protected, secure business or government websites without ads. In Safari 6 or later, you'll see a lock icon in the address bar with the abbreviation "https" when visiting a secure site.
    Follow these guidelines, and you’ll be as safe from malware as you can reasonably be.
    6. Never install any commercial "anti-virus" or "Internet security" products for the Mac, as they all do more harm than good, if they do any good at all. If you need to be able to detect Windows malware in your files, use the free software ClamXav — nothing else.
    Why shouldn't you use commercial "anti-virus" products?
    Their design is predicated on the nonexistent threat that malware may be injected at any time, anywhere in the file system. Malware is downloaded from the network; it doesn't materialize from nowhere.
    In order to meet that nonexistent threat, the software modifies or duplicates low-level functions of the operating system, which is a waste of resources and a common cause of instability, bugs, and poor performance.
    By modifying the operating system, the software itself may create weaknesses that could be exploited by malware attackers.
    7. ClamXav doesn't have these drawbacks. That doesn't mean it's entirely safe. It may report email messages that have "phishing" links in the body, or Windows malware in attachments, as infected files, and offer to delete or move them. Doing so will corrupt the Mail database. The messages should be deleted from within the Mail application.
    ClamXav is not needed, and should not be relied upon, for protection against OS X malware. It's useful only for detecting Windows malware. Windows malware can't harm you directly (unless, of course, you use Windows.) Just don't pass it on to anyone else.
    A Windows malware attachment in email is usually easy to recognize. The file name will often be targeted at people who aren't very bright; for example:
    ♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe
    ClamXav may be able to tell you which particular virus or trojan it is, but do you care? In practice, there's seldom a reason to use ClamXav unless a network administrator requires you to run an anti-virus application.
    8. The greatest harm done by anti-virus software, in my opinion, is in its effect on human behavior. It does little or nothing to protect people from emerging threats, but they get a false sense of security from it, and then they may behave in ways that expose them to higher risk. Nothing can lessen the need for safe computing practices.
    9. It seems to be a common belief that the built-in Application Firewall acts as a barrier to infection, or prevents malware from functioning. It does neither. It blocks inbound connections to certain network services you're running, such as file sharing. It's disabled by default and you should leave it that way if you're behind a router on a private home or office network. Activate it only when you're on an untrusted network, for instance a public Wi-Fi hotspot, where you don't want to provide services. Disable any services you don't use in the Sharing preference pane. All are disabled by default.
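The attachment-name pattern described in point 7 of the post above (a media extension, filler characters, then the real `.exe`) can be checked mechanically. The following is an added example, not part of the original post; the extension lists and the five-character padding threshold are assumptions chosen for illustration.

```python
import re
import unicodedata

# Short, non-exhaustive lists chosen for this example.
EXECUTABLE_EXT = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "lnk"}
DECOY_EXT = {"avi", "mp4", "mp3", "jpg", "png", "pdf", "doc", "docx", "txt"}
# Five or more consecutive spaces or symbols, the kind of run that hides the real extension.
PADDING_RE = re.compile(r"[^\w.]{5,}")

# The file name quoted in the post, plus constructed samples.
SAMPLES = [
    "♥♥♥♥♥♥♥♥♥♥♥♥♥♥!!!!!!!H0TBABEZ4U!!!!!!!.AVI♥♥♥♥♥♥♥♥♥♥♥♥♥♥.exe",
    "invoice.pdf          .exe",
    "setup.exe",
    "holiday.avi",
]


def classify_attachment(filename):
    """Return the reasons an attachment name looks deceptive (empty list if none)."""
    # Normalise look-alike characters and drop trailing dots/spaces, which Windows ignores.
    name = unicodedata.normalize("NFKC", filename).strip().rstrip(". ")
    parts = name.lower().split(".")
    final = parts[-1].strip()
    if len(parts) < 2 or final not in EXECUTABLE_EXT:
        return []
    reasons = ["executable extension ." + final]
    for part in parts[1:-1]:
        # An earlier dot-separated piece starting with a media/document extension is a decoy.
        token = re.match(r"[a-z0-9]+", part)
        if token and token.group(0) in DECOY_EXT:
            reasons.append("decoy extension ." + token.group(0))
            break
    if PADDING_RE.search(name):
        reasons.append("padding run in name")
    return reasons


if __name__ == "__main__":
    for sample in SAMPLES:
        print(repr(sample), "->", classify_attachment(sample))
```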

  • Virus/Malware Solution Recommended For Flash Zero Day Breach

    Can anyone recommend a virus/malware protection solution? I attempted to download Adobe Flash this morning and now malware has control of my browser and is sending a page with an 866 number to call. My IT tech called the number and it is an India call center and they want remote access to your machine. I have installed several different malware packages and none of them can find the files that are causing this problem. I am using a MAC with OSX 10.10.

    Aaaahhhh yes... remember when an entire day could go by without news of a breach or hack or targeted attack? Yeah... neither do I. It will probably shock you all to hear that the Symantec Security Response team dropped a new blog over the weekend outlining a Zero-Day vulnerability in Adobe Flash player. Dig it: Second PoC Exploit for Adobe Flash Player Discovered After the Hackers-for-Hire Company Breach
    Yet another Adobe Flash Player zero-day discovered from the Hacking Team breach. Symantec is aware of a second vulnerability (CVE-2015-5122) in Adobe Flash Player that’s associated with Hacking Team, the Italian company which recently suffered a major data breach. The existence of the unpatched vulnerability has been confirmed by Adobe in its security bulletin. Symantec’s analysis has confirmed that the vulnerability can be successfully exploited...
    This topic first appeared in the Spiceworks Community

  • I have a redirect virus/malware that I can't get rid of - Stopzilla ID MalPac.D - any suggestions

    I have picked up either a virus or some malware that frequently redirects my browser to intermediate sites. Stopzilla calls it MalPac.D but repeated attempts to remove it with Stopzilla have failed. I tried to update my antivirus (Bitdefender) but every time I try to download it I get a message that the installer files are corrupt and the install fails. I installed a different antivirus product that also found some viruses and removed them but the redirect is still there.
    I can go into tools>options>advanced>settings>advanced and find that there is a manual proxy server selected. If I just click on "No Proxy" the proxy setting will reset itself. If I just click on "No Proxy" and delete the info for the proxy server I can then do searches without redirects.
    Any idea how I can find and get rid of the redirect virus/malware?
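The question above describes a manual proxy entry that comes back after "No Proxy" is selected. The following is an added example, not part of the original thread, showing how to audit a browser profile's preference files for proxy settings. It assumes the browser is Firefox (the thread does not name it), whose profile stores saved settings in `prefs.js` and re-applies any `user.js` lines at every start; the sample file contents are constructed.

```python
import re

# Constructed sample profile files (not taken from the thread).
SAMPLE_PREFS_JS = '''user_pref("browser.startup.homepage", "about:home");
user_pref("network.proxy.type", 0);
'''
SAMPLE_USER_JS = '''// lines in user.js are re-applied at every browser start
user_pref("network.proxy.type", 1);
user_pref("network.proxy.http", "127.0.0.1");
user_pref("network.proxy.http_port", 8877);
'''

PREF_RE = re.compile(r'^\s*user_pref\(\s*"([^"]+)"\s*,\s*(.+?)\s*\)\s*;', re.M)
# Values of network.proxy.type as Firefox defines them.
PROXY_MODES = {0: "direct", 1: "manual", 2: "pac-url", 4: "auto-detect", 5: "system"}


def parse_prefs(text):
    """Return {name: value} for each user_pref() line (int, bool or str values)."""
    prefs = {}
    for name, raw in PREF_RE.findall(text):
        if raw in ("true", "false"):
            prefs[name] = raw == "true"
        elif re.fullmatch(r"-?\d+", raw):
            prefs[name] = int(raw)
        else:
            prefs[name] = raw.strip('"')
    return prefs


def audit_proxy(prefs_js, user_js=""):
    """Summarise the effective proxy mode and flag settings pinned by user.js."""
    saved, pinned = parse_prefs(prefs_js), parse_prefs(user_js)
    effective = {**saved, **pinned}  # user.js wins over prefs.js at startup
    mode = PROXY_MODES.get(effective.get("network.proxy.type", 5), "unknown")
    findings = []
    if mode == "manual":
        host = effective.get("network.proxy.http", "")
        port = effective.get("network.proxy.http_port", "")
        findings.append(f"manual proxy {host}:{port}")
    elif mode == "pac-url":
        findings.append("PAC " + str(effective.get("network.proxy.autoconfig_url", "")))
    pinned_keys = sorted(k for k in pinned if k.startswith("network.proxy."))
    if pinned_keys:
        findings.append("pinned in user.js: " + ", ".join(pinned_keys))
    return {"mode": mode, "findings": findings}


if __name__ == "__main__":
    print(audit_proxy(SAMPLE_PREFS_JS, SAMPLE_USER_JS))
```

A proxy entry that appears under "pinned in user.js" will return after every restart until that file is cleaned, regardless of what the settings dialog shows.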

    Try clearing Safari's cache : Settings > Safari > Clear Cache (and Clear History). You could also try turning on Block Pop-Ups on the same Settings page.
    Also close Safari completely : from the home screen (i.e. not with Safari 'open' on-screen) double-click the home button to bring up the taskbar, then press and hold any of the apps on the taskbar for a couple of seconds or so until they start shaking, then press the '-' in the top left of the Safari app to close it, and touch any part of the screen above the taskbar so as to stop the shaking and close the taskbar.
    You could also try a reset : press and hold both the sleep and home buttons for about 10 to 15 seconds (ignore the red slider), after which the Apple logo should appear - you won't lose any content, it's the iPad equivalent of a reboot.

  • Why did I start getting an initial popup window saying "If you started this, press Continue"? The last time this happened a nasty new virus had attached itself to my computer and it crashed.

    Usually when I click on my Firefox icon it opens without any problem....however, several months ago when I clicked on it a small screen in the middle of my screen popped up asking me to click on the box "Continue" if I had initiated the action. When I did, my computer froze and had been taken over by a new virus (which cost me $90 to get rid of even though I have McAfee). Just a couple of days ago the same small screen popped up and due to my past experience instead of clicking on "Continue" I've been clicking the tab that says "Cancel". Firefox still loads and I've been able to navigate. However, today while I was on it started to go really slow so I tried to shut down the browser screen by clicking the X on the top right corner...came up with a black screen and message at the top "Firefox not responding". I like using Firefox more than Explorer, but may need to change if this keeps happening.

    Is the computer system software up to date?
    What about the printer driver version?
    If the printer is wireless capable, and has a
    sleep or low-power mode, it may stand-by
    or not really be 'off' so read a manual to see
    what the printer can do, & be sure the OS X
    is correct, along with maker's driver version.
    The printer may be seen as a bonjour printer
    or other, if it has a built-in antenna. I've not
    heard of a printer causing a Mac to wakeup
    in a manner of occurrence, as you've stated.
    I've had dozens of Macs & several brands of
    printers, wi-fi capable or not. None ever did that.
    If you have a PowerPC Mac running Tiger 10.4.9
    or an Intel-based Mac, consider later software
    and any later driver updates for the printer(s.)
    Good luck

  • How will i know if a virus,malware or spyware is d...

    I have scanned my comp and it won't finish scanning 1 program files unscanned and alcohol120 program files. I'm a bit worried about the privacy of our video call. My wife's brother warned us of some virus that is included in some software that you might download on your PC. How will I know if a virus, malware or spyware is designed to hack my video call on Skype? Can those program files that can't be scanned be a form of virus of software that can hack my video calls? Please tell me how I can know that.

    Only a clean install can give you a clean chit.
    But that is painful if you want to restore your applications and settings.
    So-called hacks are very rare and unlikely to be on your comp. Check Activity Monitor and if you see weird processes then you need to be worried; else you are generally fine.
    Have a lovely single malt with ice and water and relax...
